About The Role

Within PwC’s Global Network Information Security (NIS) team, the UK NIS Governance, Risk & Compliance (GRC) team acts as a trusted risk advisor to the UK business. As an Audit & Policy Senior Associate, you will support the Audit & Policy Manager with the running of the UK’s Information Security Management System (ISMS), oversee the UK firm’s existing ISO 27001 and Cyber Essentials (CE) certifications, and support internal audit-related requirements.

What Your Days Will Look Like

Organise and facilitate ISO 27001 audits in the UK and British Channel Islands, from planning to completion;
Track and maintain key ISMS documents and assist with ISMS processes, including Risk Assessments;
Contribute to the maintenance of existing security certifications, such as Cyber Essentials (CE) and Cyber Essentials Plus (CE);
Manage remediation of gaps and nonconformities within ISMS and Cyber Essentials;
Investigate discrepancies and propose remedial actions;
Contribute to policy creation and advise on policy-related queries;

This Role Is For You If

You have experience with ISO 27001, Cyber Essentials, and Cyber Essentials Plus;
You have experience of internal and external auditing processes;
You are skilled in developing and maintaining policies, procedures, and guidelines;
You are capable of writing succinctly and presenting for positive outcomes;
You have strong attention to detail and the ability to question the accuracy of information;
You can travel to the UK firm’s offices located in the UK, Northern Ireland and British Channel Islands;
You have knowledge of risk management, including assessment and treatment methodologies (e.g. ISO 27005, IRAM2, OCTAVE);